﻿using System;
using System.Collections;
using System.Collections.Generic;
using System.Web.Mvc;
using System.Web.Security;
using System.Web.UI;
using AgileBoard.Domain;
using AgileBoard.Dtos;
using AgileBoard.Dtos.Mappers;
using AgileBoard.Web.Controllers.Util;

namespace AgileBoard.Web.Controllers
{
    [Authorize]
    [OutputCache(Location = OutputCacheLocation.None)]
    public class UserController : BaseController
    {
        // GET: /User/GetAll

        [OutputCache(Duration = 60, VaryByParam = "*")]
        public String GetAll()
        {
            IList list = ManagerFactory.UserManager.GetByProject(CurrentUser.Project.ID);

            IList<UserDTO> result = new List<UserDTO>();

            foreach (User o in list)
            {
                result.Add(UserDTOMapper.MapToDTO(o, false));
            }
            return result.ToExtJsJson("users");
        }

        [AcceptVerbs(HttpVerbs.Post)]
        [OutputCache(Duration = 60, VaryByParam = "*")]
        public String GetUsers(bool includeFeelings)
        {
            IList list = ManagerFactory.UserManager.GetByProject(CurrentUser.Project.ID);

            IList<UserDTO> result = new List<UserDTO>();

            foreach (User o in list)
            {
                result.Add(UserDTOMapper.MapToDTO(o, includeFeelings));
            }
            return result.ToExtJsJson("users");
        }

        // POST: /User/DeleteUser

        [AcceptVerbs(HttpVerbs.Post)]
        public ActionResult DeleteUser(Guid userid)
        {
            var rdto = new ResultDTO();

            if (CurrentUser.IsDeveloper)
            {
                rdto.Message = "AccessDenied";
                rdto.Result = false;
                return Json(rdto);
            }

            try
            {
                ManagerFactory.UserManager.DeleteUser(userid);
                rdto.Message = "Success";
                rdto.Result = true;
            }
            catch
            {
                rdto.Message = "Failure";
                rdto.Result = false;
            }
            return Json(rdto);
        }

        // POST: /User/GetUser

        [AcceptVerbs(HttpVerbs.Post)]
        public ActionResult GetUser(Guid userid)
        {
            var rdto = new ResultDTO();
            User user = ManagerFactory.UserManager.GetUser(userid);

            if (user != null)
            {
                UserDTO dto = UserDTOMapper.MapToDTO(user, false);
                rdto.Message = "Access to user data successfully";
                rdto.Result = true;
                rdto.Data = dto;
            }
            else
            {
                rdto.Message = "NotFound";
                rdto.Result = false;
            }
            return Json(rdto);
        }

        // POST: /User/ChangePassword

        [AcceptVerbs(HttpVerbs.Post)]
        public ActionResult ChangePassword(string OldPassword, string NewPassword)
        {
            var rdto = new ResultDTO();

            try
            {
                User user = CurrentUser;
                if (!string.IsNullOrEmpty(user.Password) && user.Password != EncryptPassword(OldPassword))
                {
                    rdto.Message = "Password didn't match, please try again.";
                    rdto.Result = false;
                }
                else if (string.IsNullOrEmpty(user.Password) || user.Password == EncryptPassword(OldPassword))
                {
                    user.Password = EncryptPassword(NewPassword);
                    ManagerFactory.UserManager.UpdateUser(user);
                    rdto.Message = "Success";
                    rdto.Result = true;
                }
            }
            catch (Exception ex)
            {
                rdto.Message = ex.Message;
                rdto.Result = false;
            }

            return Json(rdto);
        }

        // POST: /User/Update 

        [AcceptVerbs(HttpVerbs.Post)]
        public ActionResult UpdateUser(UserDTO User)
        {
            var rdto = new ResultDTO();
            User u = UserDTOMapper.MapFromDTO(User);

            try
            {
                ManagerFactory.UserManager.UpdateUser(u);
                rdto.Message = "Success";
                rdto.Result = true;
                rdto.Data = u.ToExtJsJson();
            }
            catch
            {
                rdto.Message = "Failure";
                rdto.Result = false;
            }

            return Json(rdto);
        }

        // POST: /User/Add

        [AcceptVerbs(HttpVerbs.Post)]
        public ActionResult AddUser(UserDTO User)
        {
            var rdto = new ResultDTO();

            User u = UserDTOMapper.MapFromDTO(User);
            try
            {
                if (!String.IsNullOrEmpty(u.Password)) u.Password = EncryptPassword(u.Password);
                u.Project = CurrentUser.Project;
                u = ManagerFactory.UserManager.SaveUser(u);
                rdto.Message = "Success";
                rdto.Result = true;
                rdto.Data = u.ToExtJsJson();
            }
            catch
            {
                rdto.Message = "Failure";
                rdto.Result = false;
            }

            return Json(rdto);
        }

        [NonAction]
        public virtual string EncryptPassword(string password)
        {
            return FormsAuthentication.HashPasswordForStoringInConfigFile(password, "SHA1");
        }
    }
}